With the proliferation of services and applications available to users, it often becomes necessary for a particular user to remember login credentials, such as passwords, for a multitude of service and/or application accounts associated with the user. If the user forgets or loses a password associated with an account, the user typically has to initiate a password recovery procedure to regain access to the account. However, many existing password recovery procedures introduce security vulnerabilities.